$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft File: pcmHAk0KjqwJZAn9mewy7JBHC6M.mft (raw, json) Hash identifier: LgXH2t4FgsxYCrBdT1/rquyQk3ItzvSjPInSS27JthQ= Subject key identifier: 75:F7:33:30:61:58:8D:13:1F:67:17:D5:A6:17:DE:0D:B0:5D:69:A0 Authority key identifier: A5:C9:87:02:4D:0A:8E:AC:09:64:09:FD:99:EC:32:EC:90:47:0B:A3 Certificate issuer: /CN=A91E4B86/serialNumber=A5C987024D0A8EAC096409FD99EC32EC90470BA3 Certificate serial: 45 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft Manifest number: 42 Signing time: Thu 03 Jul 2025 07:42:28 +0000 Manifest this update: Thu 03 Jul 2025 07:42:27 +0000 Manifest next update: Thu 10 Jul 2025 07:42:27 +0000 Files and hashes: 1: pcmHAk0KjqwJZAn9mewy7JBHC6M.crl (hash: THdqDtpb8YeFvyTXuvv4vrdZS6UJPHaA+OhXD9gVOBk=) 2: 4C51E1D4F7E511EF9A28D363C4F9AE02.roa (hash: EWVCVV5zCZB19LClSuWFTWXQU193NPHqHKJqFm4wMOE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.crl rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69 (0x45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4B86, serialNumber=A5C987024D0A8EAC096409FD99EC32EC90470BA3 Validity Not Before: Jul 3 07:42:27 2025 GMT Not After : Jul 10 07:42:27 2025 GMT Subject: CN=68663464-c5d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:66:11:a2:e2:b3:5a:3b:13:5f:a2:88:ae:9b: c6:db:8f:ce:21:54:78:9c:ab:41:30:b7:ab:7b:b4: 3d:81:42:67:9a:73:55:64:26:c7:08:d6:d0:20:08: 73:d9:7e:e2:a8:8d:fb:89:64:4c:d1:5f:7a:cd:78: f6:05:23:a6:d4:72:11:c1:3f:ea:3b:ec:f6:99:9f: 42:c6:83:57:44:31:68:f4:ba:c9:0c:94:b0:45:0d: 34:61:93:50:81:f9:1c:12:e0:fe:b3:f2:55:73:cd: c5:90:e7:ec:f7:ef:f3:e2:23:f1:d9:d8:0c:b1:84: 4c:0b:c1:03:7f:02:c5:62:5e:eb:b7:aa:58:d1:96: 61:67:e7:68:82:5c:30:36:fb:46:91:fe:48:73:59: 42:27:89:ca:95:42:a7:93:68:ab:3f:7a:bf:ef:e8: f4:8a:34:8d:13:ea:82:8c:2f:50:0a:70:7a:1a:62: be:9e:00:0e:ef:26:95:97:d4:ed:ea:99:a0:f9:4e: c1:7c:80:fb:bf:e0:e7:e6:fc:b8:e6:67:93:84:47: b5:e5:d0:83:a2:bc:6b:a5:e7:13:6e:de:01:44:1f: 53:2b:9d:71:c1:b4:3c:be:4f:de:04:4c:c2:b5:19: 7c:2e:6d:05:b7:34:f2:8d:17:46:97:cc:c7:d7:b3: c8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:F7:33:30:61:58:8D:13:1F:67:17:D5:A6:17:DE:0D:B0:5D:69:A0 X509v3 Authority Key Identifier: keyid:A5:C9:87:02:4D:0A:8E:AC:09:64:09:FD:99:EC:32:EC:90:47:0B:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:c2:91:dd:9b:20:f6:e2:a3:3d:76:61:0d:42:e6:74:69:36: c2:4c:af:a7:cc:f6:d1:e2:f0:4e:60:79:c7:6c:bb:6b:1d:2d: 10:46:cb:f2:ae:79:b2:a1:5c:eb:9d:3c:5f:a1:2f:7a:0c:1a: b1:da:86:8a:27:52:cd:a5:95:cb:c3:f1:85:63:70:02:6e:8f: 9a:6e:03:03:01:0b:0c:48:d0:f2:92:41:58:5d:51:1d:52:40: 89:d1:c9:7e:8a:b9:d0:f0:bc:69:06:b9:85:d6:d9:78:6e:bd: bc:6f:8f:a0:42:6e:0f:39:79:b5:31:43:15:4d:cc:89:96:74: 4e:05:ab:b8:61:63:c6:57:be:e2:7b:6f:fe:2a:61:fe:ea:d3: 8a:59:62:c5:eb:e7:01:53:fc:56:71:b2:82:d9:dd:2e:f3:a7: e0:32:20:63:bd:10:9d:33:70:f2:7d:4f:ae:6f:d3:4c:82:eb: 8d:24:9f:34:9b:77:c2:f5:ad:20:05:43:44:e5:20:e5:d6:2b: c9:bc:f9:a9:47:b7:e2:d2:fd:be:e2:c7:13:9f:a6:b8:e2:70: 03:88:84:09:71:e4:6b:8e:e3:57:67:79:c0:ad:b8:a4:1a:01: 69:fc:ab:ee:32:3e:8a:75:32:a9:7c:d1:be:06:0e:ba:64:1d: ed:72:8e:42 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NEI4NjExMC8GA1UEBRMoQTVDOTg3MDI0RDBBOEVBQzA5NjQwOUZEOTlFQzMyRUM5 MDQ3MEJBMzAeFw0yNTA3MDMwNzQyMjdaFw0yNTA3MTAwNzQyMjdaMBgxFjAUBgNV BAMTDTY4NjYzNDY0LWM1ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1ZhGi4rNaOxNfooium8bbj84hVHicq0Ewt6t7tD2BQmeac1VkJscI1tAgCHPZ fuKojfuJZEzRX3rNePYFI6bUchHBP+o77PaZn0LGg1dEMWj0uskMlLBFDTRhk1CB +RwS4P6z8lVzzcWQ5+z37/PiI/HZ2AyxhEwLwQN/AsViXuu3qljRlmFn52iCXDA2 +0aR/khzWUInicqVQqeTaKs/er/v6PSKNI0T6oKML1AKcHoaYr6eAA7vJpWX1O3q maD5TsF8gPu/4Ofm/LjmZ5OER7Xl0IOivGul5xNu3gFEH1MrnXHBtDy+T94ETMK1 GXwubQW3NPKNF0aXzMfXs8hPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUdfczMGFY jRMfZxfVphfeDbBdaaAwHwYDVR0jBBgwFoAUpcmHAk0KjqwJZAn9mewy7JBHC6Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0Qjg2Lzg5MzMxNDhBRjdF MzExRUY4QURBOEE0MUM0RjlBRTAyL3BjbUhBazBLanF3SlpBbjltZXd5N0pCSEM2 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcGNtSEFrMEtqcXdKWkFuOW1ld3k3SkJIQzZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0 Qjg2Lzg5MzMxNDhBRjdFMzExRUY4QURBOEE0MUM0RjlBRTAyL3BjbUhBazBLanF3 SlpBbjltZXd5N0pCSEM2TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFTCkd2bIPbioz12YQ1C5nRpNsJMr6fM9tHi8E5gecdsu2sdLRBGy/Ku ebKhXOudPF+hL3oMGrHahoonUs2llcvD8YVjcAJuj5puAwMBCwxI0PKSQVhdUR1S QInRyX6KudDwvGkGuYXW2Xhuvbxvj6BCbg85ebUxQxVNzImWdE4Fq7hhY8ZXvuJ7 b/4qYf7q04pZYsXr5wFT/FZxsoLZ3S7zp+AyIGO9EJ0zcPJ9T65v00yC640knzSb d8L1rSAFQ0TlIOXWK8m8+alHt+LS/b7ixxOfprjicAOIhAlx5GuO41dnecCtuKQa AWn8q+4yPop1Mql80b4GDrpkHe1yjkI= -----END CERTIFICATE-----Generated at Thu Jul 3 22:49:35 2025 by rpki-client